Bryan Oneel’s father was a lock. As for Ontel, he described himself as the digital equivalent.
The moral piracy was the Oneel hobby. He studied AI at the university and then returned this Hacking hobby into a profession. “I have had a decade penetration tests for over 150 companies in all areas,” says Onsel TechCrunch, adding that it has continued to easily break into companies that had passed their security checks.
Onsel realized that security often fell into two brackets: painful but effective or painless but ineffective. Most companies have done the least minimum in cyber security and compliance, as they often need a lot of work – and tools and talent – to provide effective security defenses.
Onsel customers continued to ask if he could provide a solution to their problems, so he gave him a shot.
In 2022, he collaborated with his wife, ORA and his friend Erik Vogelzang and started Oneleet, an all-in-one security platform. The start aims to help other companies receive their security certifications, helping them make them safer faster.
Onsel tells TechCrunch that most existing compliance platforms are tools for collecting evidence, where users import data from their various products, pay an end and then-voilà! – Smart a security certificate that says they are safe.
“The result is the compliance theater,” says Onsel Techcrunch. “You are certified on paper, but they are still vulnerable to any kind of attacks.”
TechCrunch event
Francisco
|
27-29 October 2025
The Oneleet is different, said Oneel. The platform includes a series of safety tools: test penetration, code scanning, cloud data security, attack surface management, security training and much more, he said, which aims to provide a better window to a company’s security defenses.
“Because it is integrated from the ground, we can develop integrated security at the touch of a button,” Onsel continued. “This saves customers hundreds of hours and eliminates blind spots from fragmented tools.”
Oneleet then collaborates with independent auditors to provide official certification revisions.
On Thursday, Oneleet announced that it has increased a $ 33 million funding round, led by Dawn Capital to help develop the business. Onsel called the “simple” capital collecting process and said he met with Dawn Capital in San Francisco, where he described “direct chemistry”.
“They already had a deep knowledge of the security and compliance area and immediately understood what we built on the Oneleet, so there was immediate alignment,” Onsel said.
Other tour investors include Y Combinator, co -founder of Dropbox Arash Ferdowsi and former chief executive Snowflake and Servicenow Frank Slootman. Oneleet participated in the summer of 2022 Class of Y Combinator and said that two -thirds of new additions to VC portfolio companies are now its customers.
Competitors in this area include Vanta, Secureframe and Sprinto. For its part, Oneleet has reached $ 9 million in annual repetitive revenue and has raised a total of $ 35 million.
The new cash infusion will be used to expand the Oneleet engineering team, increase AI’s capabilities and find ways to reach more customers. The goal is to end the security theater according to compliance, he said, at a time when the defense against Cyberettacks is more important than ever.
Onsel said AI is changing the scale of cyberattacks. He said, for example, advanced bad actors automated cyber crimes, while reducing the bar for beginners to hit with malicious attacks.
He said that companies are also reckless, as they carefully use “Vibe” tools or giving AI access to businesses critical to businesses without the right protective messages. In the world of compliance, Oneel said, companies can use AI to create false documentation to show that the business is safer than it is.
Onsel says his company is strongly using AI, working in the background for threat modeling and other security assessments, and also helps to design policies. But, he said, the company has a human team to verify information so that the customer does not see illusions. “We are responsible for that,” he said.
“Good security must be invisible,” Onsel continued. “Companies should spend less time worrying about security and more time on building large products. We have a shot to help companies defend themselves more effectively than ever.”
This story was updated to correct errors about ARR.
